pulumi-snowflake 2.2.0a1751946295__py3-none-any.whl → 2.3.0__py3-none-any.whl

pulumi_snowflake/external_oauth_integration.py

@@ -2,8 +2,7 @@
 # *** WARNING: this file was generated by pulumi-language-python. ***
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
-import builtins
-import copy
+import builtins as _builtins
 import warnings
 import sys
 import pulumi
@@ -22,40 +21,40 @@ __all__ = ['ExternalOauthIntegrationArgs', 'ExternalOauthIntegration']
 @pulumi.input_type
 class ExternalOauthIntegrationArgs:
     def __init__(__self__, *,
-                 enabled: pulumi.Input[builtins.bool],
-                 external_oauth_issuer: pulumi.Input[builtins.str],
-                 external_oauth_snowflake_user_mapping_attribute: pulumi.Input[builtins.str],
-                 external_oauth_token_user_mapping_claims: pulumi.Input[Sequence[pulumi.Input[builtins.str]]],
-                 external_oauth_type: pulumi.Input[builtins.str],
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_any_role_mode: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_scope_delimiter: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_scope_mapping_attribute: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None):
+                 enabled: pulumi.Input[_builtins.bool],
+                 external_oauth_issuer: pulumi.Input[_builtins.str],
+                 external_oauth_snowflake_user_mapping_attribute: pulumi.Input[_builtins.str],
+                 external_oauth_token_user_mapping_claims: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]],
+                 external_oauth_type: pulumi.Input[_builtins.str],
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_any_role_mode: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_scope_delimiter: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_scope_mapping_attribute: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None):
         """
         The set of arguments for constructing a ExternalOauthIntegration resource.
-        :param pulumi.Input[builtins.bool] enabled: Specifies whether to initiate operation of the integration or suspend it.
-        :param pulumi.Input[builtins.str] external_oauth_issuer: Specifies the URL to define the OAuth 2.0 authorization server.
-        :param pulumi.Input[builtins.str] external_oauth_snowflake_user_mapping_attribute: Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_token_user_mapping_claims: Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_type: Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the OAuth integration.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_allowed_roles_lists: Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] external_oauth_any_role_mode: Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_audience_lists: Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_blocked_roles_lists: Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_jws_keys_urls: Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_rsa_public_key: Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_rsa_public_key2: Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_scope_delimiter: Specifies the scope delimiter in the authorization token.
-        :param pulumi.Input[builtins.str] external_oauth_scope_mapping_attribute: Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] name: Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.bool] enabled: Specifies whether to initiate operation of the integration or suspend it.
+        :param pulumi.Input[_builtins.str] external_oauth_issuer: Specifies the URL to define the OAuth 2.0 authorization server.
+        :param pulumi.Input[_builtins.str] external_oauth_snowflake_user_mapping_attribute: Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_token_user_mapping_claims: Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_type: Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the OAuth integration.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_allowed_roles_lists: Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] external_oauth_any_role_mode: Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_audience_lists: Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_blocked_roles_lists: Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_jws_keys_urls: Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_rsa_public_key: Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_rsa_public_key2: Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_scope_delimiter: Specifies the scope delimiter in the authorization token.
+        :param pulumi.Input[_builtins.str] external_oauth_scope_mapping_attribute: Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         pulumi.set(__self__, "enabled", enabled)
         pulumi.set(__self__, "external_oauth_issuer", external_oauth_issuer)
@@ -85,242 +84,242 @@ class ExternalOauthIntegrationArgs:
         if name is not None:
             pulumi.set(__self__, "name", name)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def enabled(self) -> pulumi.Input[builtins.bool]:
+    def enabled(self) -> pulumi.Input[_builtins.bool]:
         """
         Specifies whether to initiate operation of the integration or suspend it.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: pulumi.Input[builtins.bool]):
+    def enabled(self, value: pulumi.Input[_builtins.bool]):
         pulumi.set(self, "enabled", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthIssuer")
-    def external_oauth_issuer(self) -> pulumi.Input[builtins.str]:
+    def external_oauth_issuer(self) -> pulumi.Input[_builtins.str]:
         """
         Specifies the URL to define the OAuth 2.0 authorization server.
         """
         return pulumi.get(self, "external_oauth_issuer")
 
     @external_oauth_issuer.setter
-    def external_oauth_issuer(self, value: pulumi.Input[builtins.str]):
+    def external_oauth_issuer(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "external_oauth_issuer", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthSnowflakeUserMappingAttribute")
-    def external_oauth_snowflake_user_mapping_attribute(self) -> pulumi.Input[builtins.str]:
+    def external_oauth_snowflake_user_mapping_attribute(self) -> pulumi.Input[_builtins.str]:
         """
         Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
         """
         return pulumi.get(self, "external_oauth_snowflake_user_mapping_attribute")
 
     @external_oauth_snowflake_user_mapping_attribute.setter
-    def external_oauth_snowflake_user_mapping_attribute(self, value: pulumi.Input[builtins.str]):
+    def external_oauth_snowflake_user_mapping_attribute(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "external_oauth_snowflake_user_mapping_attribute", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthTokenUserMappingClaims")
-    def external_oauth_token_user_mapping_claims(self) -> pulumi.Input[Sequence[pulumi.Input[builtins.str]]]:
+    def external_oauth_token_user_mapping_claims(self) -> pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]:
         """
         Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_token_user_mapping_claims")
 
     @external_oauth_token_user_mapping_claims.setter
-    def external_oauth_token_user_mapping_claims(self, value: pulumi.Input[Sequence[pulumi.Input[builtins.str]]]):
+    def external_oauth_token_user_mapping_claims(self, value: pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]):
         pulumi.set(self, "external_oauth_token_user_mapping_claims", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthType")
-    def external_oauth_type(self) -> pulumi.Input[builtins.str]:
+    def external_oauth_type(self) -> pulumi.Input[_builtins.str]:
         """
         Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
         """
         return pulumi.get(self, "external_oauth_type")
 
     @external_oauth_type.setter
-    def external_oauth_type(self, value: pulumi.Input[builtins.str]):
+    def external_oauth_type(self, value: pulumi.Input[_builtins.str]):
         pulumi.set(self, "external_oauth_type", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def comment(self) -> Optional[pulumi.Input[builtins.str]]:
+    def comment(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a comment for the OAuth integration.
         """
         return pulumi.get(self, "comment")
 
     @comment.setter
-    def comment(self, value: Optional[pulumi.Input[builtins.str]]):
+    def comment(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "comment", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthAllowedRolesLists")
-    def external_oauth_allowed_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def external_oauth_allowed_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
         """
         return pulumi.get(self, "external_oauth_allowed_roles_lists")
 
     @external_oauth_allowed_roles_lists.setter
-    def external_oauth_allowed_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def external_oauth_allowed_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "external_oauth_allowed_roles_lists", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthAnyRoleMode")
-    def external_oauth_any_role_mode(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_any_role_mode(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
         """
         return pulumi.get(self, "external_oauth_any_role_mode")
 
     @external_oauth_any_role_mode.setter
-    def external_oauth_any_role_mode(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_any_role_mode(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_any_role_mode", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthAudienceLists")
-    def external_oauth_audience_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def external_oauth_audience_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
         """
         return pulumi.get(self, "external_oauth_audience_lists")
 
     @external_oauth_audience_lists.setter
-    def external_oauth_audience_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def external_oauth_audience_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "external_oauth_audience_lists", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthBlockedRolesLists")
-    def external_oauth_blocked_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def external_oauth_blocked_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
         """
         return pulumi.get(self, "external_oauth_blocked_roles_lists")
 
     @external_oauth_blocked_roles_lists.setter
-    def external_oauth_blocked_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def external_oauth_blocked_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "external_oauth_blocked_roles_lists", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthJwsKeysUrls")
-    def external_oauth_jws_keys_urls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def external_oauth_jws_keys_urls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_jws_keys_urls")
 
     @external_oauth_jws_keys_urls.setter
-    def external_oauth_jws_keys_urls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def external_oauth_jws_keys_urls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "external_oauth_jws_keys_urls", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthRsaPublicKey")
-    def external_oauth_rsa_public_key(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_rsa_public_key(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_rsa_public_key")
 
     @external_oauth_rsa_public_key.setter
-    def external_oauth_rsa_public_key(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_rsa_public_key(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_rsa_public_key", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthRsaPublicKey2")
-    def external_oauth_rsa_public_key2(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_rsa_public_key2(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_rsa_public_key2")
 
     @external_oauth_rsa_public_key2.setter
-    def external_oauth_rsa_public_key2(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_rsa_public_key2(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_rsa_public_key2", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthScopeDelimiter")
-    def external_oauth_scope_delimiter(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_scope_delimiter(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the scope delimiter in the authorization token.
         """
         return pulumi.get(self, "external_oauth_scope_delimiter")
 
     @external_oauth_scope_delimiter.setter
-    def external_oauth_scope_delimiter(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_scope_delimiter(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_scope_delimiter", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthScopeMappingAttribute")
-    def external_oauth_scope_mapping_attribute(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_scope_mapping_attribute(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_scope_mapping_attribute")
 
     @external_oauth_scope_mapping_attribute.setter
-    def external_oauth_scope_mapping_attribute(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_scope_mapping_attribute(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_scope_mapping_attribute", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def name(self) -> Optional[pulumi.Input[builtins.str]]:
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
     @name.setter
-    def name(self, value: Optional[pulumi.Input[builtins.str]]):
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "name", value)
 
 
 @pulumi.input_type
 class _ExternalOauthIntegrationState:
     def __init__(__self__, *,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
                  describe_outputs: Optional[pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationDescribeOutputArgs']]]] = None,
-                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
-                 external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_any_role_mode: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_issuer: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_scope_delimiter: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_scope_mapping_attribute: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_snowflake_user_mapping_attribute: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_token_user_mapping_claims: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_type: Optional[pulumi.Input[builtins.str]] = None,
-                 fully_qualified_name: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_any_role_mode: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_issuer: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_scope_delimiter: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_scope_mapping_attribute: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_snowflake_user_mapping_attribute: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_token_user_mapping_claims: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 fully_qualified_name: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
                  related_parameters: Optional[pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationRelatedParameterArgs']]]] = None,
                  show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationShowOutputArgs']]]] = None):
         """
         Input properties used for looking up and filtering ExternalOauthIntegration resources.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the OAuth integration.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the OAuth integration.
         :param pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationDescribeOutputArgs']]] describe_outputs: Outputs the result of `DESCRIBE SECURITY INTEGRATIONS` for the given security integration.
-        :param pulumi.Input[builtins.bool] enabled: Specifies whether to initiate operation of the integration or suspend it.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_allowed_roles_lists: Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] external_oauth_any_role_mode: Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_audience_lists: Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_blocked_roles_lists: Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] external_oauth_issuer: Specifies the URL to define the OAuth 2.0 authorization server.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_jws_keys_urls: Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_rsa_public_key: Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_rsa_public_key2: Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_scope_delimiter: Specifies the scope delimiter in the authorization token.
-        :param pulumi.Input[builtins.str] external_oauth_scope_mapping_attribute: Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_snowflake_user_mapping_attribute: Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_token_user_mapping_claims: Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_type: Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
-        :param pulumi.Input[builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
-        :param pulumi.Input[builtins.str] name: Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.bool] enabled: Specifies whether to initiate operation of the integration or suspend it.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_allowed_roles_lists: Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] external_oauth_any_role_mode: Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_audience_lists: Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_blocked_roles_lists: Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] external_oauth_issuer: Specifies the URL to define the OAuth 2.0 authorization server.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_jws_keys_urls: Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_rsa_public_key: Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_rsa_public_key2: Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_scope_delimiter: Specifies the scope delimiter in the authorization token.
+        :param pulumi.Input[_builtins.str] external_oauth_scope_mapping_attribute: Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_snowflake_user_mapping_attribute: Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_token_user_mapping_claims: Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_type: Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
+        :param pulumi.Input[_builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationRelatedParameterArgs']]] related_parameters: Parameters related to this security integration.
         :param pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationShowOutputArgs']]] show_outputs: Outputs the result of `SHOW SECURITY INTEGRATIONS` for the given security integration.
         """
@@ -365,19 +364,19 @@ class _ExternalOauthIntegrationState:
         if show_outputs is not None:
             pulumi.set(__self__, "show_outputs", show_outputs)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def comment(self) -> Optional[pulumi.Input[builtins.str]]:
+    def comment(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a comment for the OAuth integration.
         """
         return pulumi.get(self, "comment")
 
     @comment.setter
-    def comment(self, value: Optional[pulumi.Input[builtins.str]]):
+    def comment(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "comment", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="describeOutputs")
     def describe_outputs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationDescribeOutputArgs']]]]:
         """
@@ -389,199 +388,199 @@ class _ExternalOauthIntegrationState:
     def describe_outputs(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationDescribeOutputArgs']]]]):
         pulumi.set(self, "describe_outputs", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def enabled(self) -> Optional[pulumi.Input[builtins.bool]]:
+    def enabled(self) -> Optional[pulumi.Input[_builtins.bool]]:
         """
         Specifies whether to initiate operation of the integration or suspend it.
         """
         return pulumi.get(self, "enabled")
 
     @enabled.setter
-    def enabled(self, value: Optional[pulumi.Input[builtins.bool]]):
+    def enabled(self, value: Optional[pulumi.Input[_builtins.bool]]):
         pulumi.set(self, "enabled", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthAllowedRolesLists")
-    def external_oauth_allowed_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def external_oauth_allowed_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
         """
         return pulumi.get(self, "external_oauth_allowed_roles_lists")
 
     @external_oauth_allowed_roles_lists.setter
-    def external_oauth_allowed_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def external_oauth_allowed_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "external_oauth_allowed_roles_lists", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthAnyRoleMode")
-    def external_oauth_any_role_mode(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_any_role_mode(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
         """
         return pulumi.get(self, "external_oauth_any_role_mode")
 
     @external_oauth_any_role_mode.setter
-    def external_oauth_any_role_mode(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_any_role_mode(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_any_role_mode", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthAudienceLists")
-    def external_oauth_audience_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def external_oauth_audience_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
         """
         return pulumi.get(self, "external_oauth_audience_lists")
 
     @external_oauth_audience_lists.setter
-    def external_oauth_audience_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def external_oauth_audience_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "external_oauth_audience_lists", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthBlockedRolesLists")
-    def external_oauth_blocked_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def external_oauth_blocked_roles_lists(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
         """
         return pulumi.get(self, "external_oauth_blocked_roles_lists")
 
     @external_oauth_blocked_roles_lists.setter
-    def external_oauth_blocked_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def external_oauth_blocked_roles_lists(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "external_oauth_blocked_roles_lists", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthIssuer")
-    def external_oauth_issuer(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_issuer(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the URL to define the OAuth 2.0 authorization server.
         """
         return pulumi.get(self, "external_oauth_issuer")
 
     @external_oauth_issuer.setter
-    def external_oauth_issuer(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_issuer(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_issuer", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthJwsKeysUrls")
-    def external_oauth_jws_keys_urls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def external_oauth_jws_keys_urls(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_jws_keys_urls")
 
     @external_oauth_jws_keys_urls.setter
-    def external_oauth_jws_keys_urls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def external_oauth_jws_keys_urls(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "external_oauth_jws_keys_urls", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthRsaPublicKey")
-    def external_oauth_rsa_public_key(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_rsa_public_key(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_rsa_public_key")
 
     @external_oauth_rsa_public_key.setter
-    def external_oauth_rsa_public_key(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_rsa_public_key(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_rsa_public_key", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthRsaPublicKey2")
-    def external_oauth_rsa_public_key2(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_rsa_public_key2(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_rsa_public_key2")
 
     @external_oauth_rsa_public_key2.setter
-    def external_oauth_rsa_public_key2(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_rsa_public_key2(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_rsa_public_key2", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthScopeDelimiter")
-    def external_oauth_scope_delimiter(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_scope_delimiter(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the scope delimiter in the authorization token.
         """
         return pulumi.get(self, "external_oauth_scope_delimiter")
 
     @external_oauth_scope_delimiter.setter
-    def external_oauth_scope_delimiter(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_scope_delimiter(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_scope_delimiter", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthScopeMappingAttribute")
-    def external_oauth_scope_mapping_attribute(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_scope_mapping_attribute(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_scope_mapping_attribute")
 
     @external_oauth_scope_mapping_attribute.setter
-    def external_oauth_scope_mapping_attribute(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_scope_mapping_attribute(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_scope_mapping_attribute", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthSnowflakeUserMappingAttribute")
-    def external_oauth_snowflake_user_mapping_attribute(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_snowflake_user_mapping_attribute(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
         """
         return pulumi.get(self, "external_oauth_snowflake_user_mapping_attribute")
 
     @external_oauth_snowflake_user_mapping_attribute.setter
-    def external_oauth_snowflake_user_mapping_attribute(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_snowflake_user_mapping_attribute(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_snowflake_user_mapping_attribute", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthTokenUserMappingClaims")
-    def external_oauth_token_user_mapping_claims(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]:
+    def external_oauth_token_user_mapping_claims(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]:
         """
         Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_token_user_mapping_claims")
 
     @external_oauth_token_user_mapping_claims.setter
-    def external_oauth_token_user_mapping_claims(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]]):
+    def external_oauth_token_user_mapping_claims(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]]):
         pulumi.set(self, "external_oauth_token_user_mapping_claims", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthType")
-    def external_oauth_type(self) -> Optional[pulumi.Input[builtins.str]]:
+    def external_oauth_type(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
         """
         return pulumi.get(self, "external_oauth_type")
 
     @external_oauth_type.setter
-    def external_oauth_type(self, value: Optional[pulumi.Input[builtins.str]]):
+    def external_oauth_type(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "external_oauth_type", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="fullyQualifiedName")
-    def fully_qualified_name(self) -> Optional[pulumi.Input[builtins.str]]:
+    def fully_qualified_name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         """
         return pulumi.get(self, "fully_qualified_name")
 
     @fully_qualified_name.setter
-    def fully_qualified_name(self, value: Optional[pulumi.Input[builtins.str]]):
+    def fully_qualified_name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "fully_qualified_name", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def name(self) -> Optional[pulumi.Input[builtins.str]]:
+    def name(self) -> Optional[pulumi.Input[_builtins.str]]:
         """
         Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
     @name.setter
-    def name(self, value: Optional[pulumi.Input[builtins.str]]):
+    def name(self, value: Optional[pulumi.Input[_builtins.str]]):
         pulumi.set(self, "name", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="relatedParameters")
     def related_parameters(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationRelatedParameterArgs']]]]:
         """
@@ -593,7 +592,7 @@ class _ExternalOauthIntegrationState:
     def related_parameters(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationRelatedParameterArgs']]]]):
         pulumi.set(self, "related_parameters", value)
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="showOutputs")
     def show_outputs(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ExternalOauthIntegrationShowOutputArgs']]]]:
         """
@@ -612,22 +611,22 @@ class ExternalOauthIntegration(pulumi.CustomResource):
     def __init__(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
-                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
-                 external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_any_role_mode: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_issuer: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_scope_delimiter: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_scope_mapping_attribute: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_snowflake_user_mapping_attribute: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_token_user_mapping_claims: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_type: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_any_role_mode: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_issuer: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_scope_delimiter: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_scope_mapping_attribute: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_snowflake_user_mapping_attribute: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_token_user_mapping_claims: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         """
         ## Import
@@ -638,22 +637,22 @@ class ExternalOauthIntegration(pulumi.CustomResource):
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the OAuth integration.
-        :param pulumi.Input[builtins.bool] enabled: Specifies whether to initiate operation of the integration or suspend it.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_allowed_roles_lists: Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] external_oauth_any_role_mode: Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_audience_lists: Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_blocked_roles_lists: Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] external_oauth_issuer: Specifies the URL to define the OAuth 2.0 authorization server.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_jws_keys_urls: Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_rsa_public_key: Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_rsa_public_key2: Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_scope_delimiter: Specifies the scope delimiter in the authorization token.
-        :param pulumi.Input[builtins.str] external_oauth_scope_mapping_attribute: Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_snowflake_user_mapping_attribute: Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_token_user_mapping_claims: Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_type: Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
-        :param pulumi.Input[builtins.str] name: Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the OAuth integration.
+        :param pulumi.Input[_builtins.bool] enabled: Specifies whether to initiate operation of the integration or suspend it.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_allowed_roles_lists: Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] external_oauth_any_role_mode: Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_audience_lists: Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_blocked_roles_lists: Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] external_oauth_issuer: Specifies the URL to define the OAuth 2.0 authorization server.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_jws_keys_urls: Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_rsa_public_key: Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_rsa_public_key2: Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_scope_delimiter: Specifies the scope delimiter in the authorization token.
+        :param pulumi.Input[_builtins.str] external_oauth_scope_mapping_attribute: Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_snowflake_user_mapping_attribute: Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_token_user_mapping_claims: Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_type: Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         ...
     @overload
@@ -683,22 +682,22 @@ class ExternalOauthIntegration(pulumi.CustomResource):
     def _internal_init(__self__,
                  resource_name: str,
                  opts: Optional[pulumi.ResourceOptions] = None,
-                 comment: Optional[pulumi.Input[builtins.str]] = None,
-                 enabled: Optional[pulumi.Input[builtins.bool]] = None,
-                 external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_any_role_mode: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_issuer: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_scope_delimiter: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_scope_mapping_attribute: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_snowflake_user_mapping_attribute: Optional[pulumi.Input[builtins.str]] = None,
-                 external_oauth_token_user_mapping_claims: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-                 external_oauth_type: Optional[pulumi.Input[builtins.str]] = None,
-                 name: Optional[pulumi.Input[builtins.str]] = None,
+                 comment: Optional[pulumi.Input[_builtins.str]] = None,
+                 enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+                 external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_any_role_mode: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_issuer: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_scope_delimiter: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_scope_mapping_attribute: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_snowflake_user_mapping_attribute: Optional[pulumi.Input[_builtins.str]] = None,
+                 external_oauth_token_user_mapping_claims: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+                 external_oauth_type: Optional[pulumi.Input[_builtins.str]] = None,
+                 name: Optional[pulumi.Input[_builtins.str]] = None,
                  __props__=None):
         opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts)
         if not isinstance(opts, pulumi.ResourceOptions):
@@ -748,24 +747,24 @@ class ExternalOauthIntegration(pulumi.CustomResource):
     def get(resource_name: str,
             id: pulumi.Input[str],
             opts: Optional[pulumi.ResourceOptions] = None,
-            comment: Optional[pulumi.Input[builtins.str]] = None,
+            comment: Optional[pulumi.Input[_builtins.str]] = None,
             describe_outputs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ExternalOauthIntegrationDescribeOutputArgs', 'ExternalOauthIntegrationDescribeOutputArgsDict']]]]] = None,
-            enabled: Optional[pulumi.Input[builtins.bool]] = None,
-            external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-            external_oauth_any_role_mode: Optional[pulumi.Input[builtins.str]] = None,
-            external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-            external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-            external_oauth_issuer: Optional[pulumi.Input[builtins.str]] = None,
-            external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-            external_oauth_rsa_public_key: Optional[pulumi.Input[builtins.str]] = None,
-            external_oauth_rsa_public_key2: Optional[pulumi.Input[builtins.str]] = None,
-            external_oauth_scope_delimiter: Optional[pulumi.Input[builtins.str]] = None,
-            external_oauth_scope_mapping_attribute: Optional[pulumi.Input[builtins.str]] = None,
-            external_oauth_snowflake_user_mapping_attribute: Optional[pulumi.Input[builtins.str]] = None,
-            external_oauth_token_user_mapping_claims: Optional[pulumi.Input[Sequence[pulumi.Input[builtins.str]]]] = None,
-            external_oauth_type: Optional[pulumi.Input[builtins.str]] = None,
-            fully_qualified_name: Optional[pulumi.Input[builtins.str]] = None,
-            name: Optional[pulumi.Input[builtins.str]] = None,
+            enabled: Optional[pulumi.Input[_builtins.bool]] = None,
+            external_oauth_allowed_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            external_oauth_any_role_mode: Optional[pulumi.Input[_builtins.str]] = None,
+            external_oauth_audience_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            external_oauth_blocked_roles_lists: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            external_oauth_issuer: Optional[pulumi.Input[_builtins.str]] = None,
+            external_oauth_jws_keys_urls: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            external_oauth_rsa_public_key: Optional[pulumi.Input[_builtins.str]] = None,
+            external_oauth_rsa_public_key2: Optional[pulumi.Input[_builtins.str]] = None,
+            external_oauth_scope_delimiter: Optional[pulumi.Input[_builtins.str]] = None,
+            external_oauth_scope_mapping_attribute: Optional[pulumi.Input[_builtins.str]] = None,
+            external_oauth_snowflake_user_mapping_attribute: Optional[pulumi.Input[_builtins.str]] = None,
+            external_oauth_token_user_mapping_claims: Optional[pulumi.Input[Sequence[pulumi.Input[_builtins.str]]]] = None,
+            external_oauth_type: Optional[pulumi.Input[_builtins.str]] = None,
+            fully_qualified_name: Optional[pulumi.Input[_builtins.str]] = None,
+            name: Optional[pulumi.Input[_builtins.str]] = None,
             related_parameters: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ExternalOauthIntegrationRelatedParameterArgs', 'ExternalOauthIntegrationRelatedParameterArgsDict']]]]] = None,
             show_outputs: Optional[pulumi.Input[Sequence[pulumi.Input[Union['ExternalOauthIntegrationShowOutputArgs', 'ExternalOauthIntegrationShowOutputArgsDict']]]]] = None) -> 'ExternalOauthIntegration':
         """
@@ -775,24 +774,24 @@ class ExternalOauthIntegration(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[builtins.str] comment: Specifies a comment for the OAuth integration.
+        :param pulumi.Input[_builtins.str] comment: Specifies a comment for the OAuth integration.
         :param pulumi.Input[Sequence[pulumi.Input[Union['ExternalOauthIntegrationDescribeOutputArgs', 'ExternalOauthIntegrationDescribeOutputArgsDict']]]] describe_outputs: Outputs the result of `DESCRIBE SECURITY INTEGRATIONS` for the given security integration.
-        :param pulumi.Input[builtins.bool] enabled: Specifies whether to initiate operation of the integration or suspend it.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_allowed_roles_lists: Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] external_oauth_any_role_mode: Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_audience_lists: Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_blocked_roles_lists: Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
-        :param pulumi.Input[builtins.str] external_oauth_issuer: Specifies the URL to define the OAuth 2.0 authorization server.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_jws_keys_urls: Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_rsa_public_key: Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_rsa_public_key2: Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_scope_delimiter: Specifies the scope delimiter in the authorization token.
-        :param pulumi.Input[builtins.str] external_oauth_scope_mapping_attribute: Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_snowflake_user_mapping_attribute: Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
-        :param pulumi.Input[Sequence[pulumi.Input[builtins.str]]] external_oauth_token_user_mapping_claims: Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
-        :param pulumi.Input[builtins.str] external_oauth_type: Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
-        :param pulumi.Input[builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
-        :param pulumi.Input[builtins.str] name: Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
+        :param pulumi.Input[_builtins.bool] enabled: Specifies whether to initiate operation of the integration or suspend it.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_allowed_roles_lists: Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] external_oauth_any_role_mode: Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_audience_lists: Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_blocked_roles_lists: Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
+        :param pulumi.Input[_builtins.str] external_oauth_issuer: Specifies the URL to define the OAuth 2.0 authorization server.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_jws_keys_urls: Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_rsa_public_key: Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_rsa_public_key2: Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_scope_delimiter: Specifies the scope delimiter in the authorization token.
+        :param pulumi.Input[_builtins.str] external_oauth_scope_mapping_attribute: Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_snowflake_user_mapping_attribute: Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
+        :param pulumi.Input[Sequence[pulumi.Input[_builtins.str]]] external_oauth_token_user_mapping_claims: Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
+        :param pulumi.Input[_builtins.str] external_oauth_type: Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
+        :param pulumi.Input[_builtins.str] fully_qualified_name: Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
+        :param pulumi.Input[_builtins.str] name: Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         :param pulumi.Input[Sequence[pulumi.Input[Union['ExternalOauthIntegrationRelatedParameterArgs', 'ExternalOauthIntegrationRelatedParameterArgsDict']]]] related_parameters: Parameters related to this security integration.
         :param pulumi.Input[Sequence[pulumi.Input[Union['ExternalOauthIntegrationShowOutputArgs', 'ExternalOauthIntegrationShowOutputArgsDict']]]] show_outputs: Outputs the result of `SHOW SECURITY INTEGRATIONS` for the given security integration.
         """
@@ -822,15 +821,15 @@ class ExternalOauthIntegration(pulumi.CustomResource):
         __props__.__dict__["show_outputs"] = show_outputs
         return ExternalOauthIntegration(resource_name, opts=opts, __props__=__props__)
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def comment(self) -> pulumi.Output[Optional[builtins.str]]:
+    def comment(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies a comment for the OAuth integration.
         """
         return pulumi.get(self, "comment")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="describeOutputs")
     def describe_outputs(self) -> pulumi.Output[Sequence['outputs.ExternalOauthIntegrationDescribeOutput']]:
         """
@@ -838,135 +837,135 @@ class ExternalOauthIntegration(pulumi.CustomResource):
         """
         return pulumi.get(self, "describe_outputs")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def enabled(self) -> pulumi.Output[builtins.bool]:
+    def enabled(self) -> pulumi.Output[_builtins.bool]:
         """
         Specifies whether to initiate operation of the integration or suspend it.
         """
         return pulumi.get(self, "enabled")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthAllowedRolesLists")
-    def external_oauth_allowed_roles_lists(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+    def external_oauth_allowed_roles_lists(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
         """
         Specifies the list of roles that the client can set as the primary role. For more information about this resource, see docs.
         """
         return pulumi.get(self, "external_oauth_allowed_roles_lists")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthAnyRoleMode")
-    def external_oauth_any_role_mode(self) -> pulumi.Output[Optional[builtins.str]]:
+    def external_oauth_any_role_mode(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies whether the OAuth client or user can use a role that is not defined in the OAuth access token. Valid values are (case-insensitive): `DISABLE` | `ENABLE` | `ENABLE_FOR_PRIVILEGE`.
         """
         return pulumi.get(self, "external_oauth_any_role_mode")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthAudienceLists")
-    def external_oauth_audience_lists(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+    def external_oauth_audience_lists(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
         """
         Specifies additional values that can be used for the access token's audience validation on top of using the Customer's Snowflake Account URL
         """
         return pulumi.get(self, "external_oauth_audience_lists")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthBlockedRolesLists")
-    def external_oauth_blocked_roles_lists(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+    def external_oauth_blocked_roles_lists(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
         """
         Specifies the list of roles that a client cannot set as the primary role. By default, this list includes the ACCOUNTADMIN, ORGADMIN and SECURITYADMIN roles. To remove these privileged roles from the list, use the ALTER ACCOUNT command to set the EXTERNAL*OAUTH*ADD*PRIVILEGED*ROLES*TO*BLOCKED*LIST account parameter to FALSE. For more information about this resource, see docs.
         """
         return pulumi.get(self, "external_oauth_blocked_roles_lists")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthIssuer")
-    def external_oauth_issuer(self) -> pulumi.Output[builtins.str]:
+    def external_oauth_issuer(self) -> pulumi.Output[_builtins.str]:
         """
         Specifies the URL to define the OAuth 2.0 authorization server.
         """
         return pulumi.get(self, "external_oauth_issuer")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthJwsKeysUrls")
-    def external_oauth_jws_keys_urls(self) -> pulumi.Output[Optional[Sequence[builtins.str]]]:
+    def external_oauth_jws_keys_urls(self) -> pulumi.Output[Optional[Sequence[_builtins.str]]]:
         """
         Specifies the endpoint or a list of endpoints from which to download public keys or certificates to validate an External OAuth access token. The maximum number of URLs that can be specified in the list is 3. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_jws_keys_urls")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthRsaPublicKey")
-    def external_oauth_rsa_public_key(self) -> pulumi.Output[Optional[builtins.str]]:
+    def external_oauth_rsa_public_key(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies a Base64-encoded RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_rsa_public_key")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthRsaPublicKey2")
-    def external_oauth_rsa_public_key2(self) -> pulumi.Output[Optional[builtins.str]]:
+    def external_oauth_rsa_public_key2(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies a second RSA public key, without the -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- headers. Used for key rotation. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_rsa_public_key2")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthScopeDelimiter")
-    def external_oauth_scope_delimiter(self) -> pulumi.Output[Optional[builtins.str]]:
+    def external_oauth_scope_delimiter(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies the scope delimiter in the authorization token.
         """
         return pulumi.get(self, "external_oauth_scope_delimiter")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthScopeMappingAttribute")
-    def external_oauth_scope_mapping_attribute(self) -> pulumi.Output[Optional[builtins.str]]:
+    def external_oauth_scope_mapping_attribute(self) -> pulumi.Output[Optional[_builtins.str]]:
         """
         Specifies the access token claim to map the access token to an account role. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_scope_mapping_attribute")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthSnowflakeUserMappingAttribute")
-    def external_oauth_snowflake_user_mapping_attribute(self) -> pulumi.Output[builtins.str]:
+    def external_oauth_snowflake_user_mapping_attribute(self) -> pulumi.Output[_builtins.str]:
         """
         Indicates which Snowflake user record attribute should be used to map the access token to a Snowflake user record. Valid values are (case-insensitive): `LOGIN_NAME` | `EMAIL_ADDRESS`.
         """
         return pulumi.get(self, "external_oauth_snowflake_user_mapping_attribute")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthTokenUserMappingClaims")
-    def external_oauth_token_user_mapping_claims(self) -> pulumi.Output[Sequence[builtins.str]]:
+    def external_oauth_token_user_mapping_claims(self) -> pulumi.Output[Sequence[_builtins.str]]:
         """
         Specifies the access token claim or claims that can be used to map the access token to a Snowflake user record. If removed from the config, the resource is recreated.
         """
         return pulumi.get(self, "external_oauth_token_user_mapping_claims")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="externalOauthType")
-    def external_oauth_type(self) -> pulumi.Output[builtins.str]:
+    def external_oauth_type(self) -> pulumi.Output[_builtins.str]:
         """
         Specifies the OAuth 2.0 authorization server to be Okta, Microsoft Azure AD, Ping Identity PingFederate, or a Custom OAuth 2.0 authorization server. Valid values are (case-insensitive): `OKTA` | `AZURE` | `PING_FEDERATE` | `CUSTOM`.
         """
         return pulumi.get(self, "external_oauth_type")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="fullyQualifiedName")
-    def fully_qualified_name(self) -> pulumi.Output[builtins.str]:
+    def fully_qualified_name(self) -> pulumi.Output[_builtins.str]:
         """
         Fully qualified name of the resource. For more information, see [object name resolution](https://docs.snowflake.com/en/sql-reference/name-resolution).
         """
         return pulumi.get(self, "fully_qualified_name")
 
-    @property
+    @_builtins.property
     @pulumi.getter
-    def name(self) -> pulumi.Output[builtins.str]:
+    def name(self) -> pulumi.Output[_builtins.str]:
         """
         Specifies the name of the External Oath integration. This name follows the rules for Object Identifiers. The name should be unique among security integrations in your account. Due to technical limitations (read more here), avoid using the following characters: `|`, `.`, `"`.
         """
         return pulumi.get(self, "name")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="relatedParameters")
     def related_parameters(self) -> pulumi.Output[Sequence['outputs.ExternalOauthIntegrationRelatedParameter']]:
         """
@@ -974,7 +973,7 @@ class ExternalOauthIntegration(pulumi.CustomResource):
         """
         return pulumi.get(self, "related_parameters")
 
-    @property
+    @_builtins.property
     @pulumi.getter(name="showOutputs")
     def show_outputs(self) -> pulumi.Output[Sequence['outputs.ExternalOauthIntegrationShowOutput']]:
         """